The folks in the Malwarebytes forums are quick to point out that Malwarebytes Anti-malware isn’t a substitute for anti-virus software. In fact, if you run Malwarebytes Anti-malware, you’ll see that they explicitly recommend that you run anti-virus tools in addition.

Another characterization that you’ll not find anyone using is calling Malwarebytes Anti-malware an anti-spyware tool.

“

What Malwarebytes Anti-malware has a great reputation for is simply this: removing malware that other tools miss.

While that’s perhaps the closest or least inaccurate characterization, I’ve noted that the folks at Malwarebytes avoid calling it that. In a sense, the term is too vague anyway; to the extent that most people think of “spyware,” it’s also perhaps too limiting.

So, I also run (and recommend) the same Microsoft Security Essentials as my anti-spyware tool.

So just what is Malwarebytes Anti-malware?

As it turns out, Malwarebytes is hard to pigeon-hole. It has characteristics of both anti-virus and anti-spyware tools and it certainly removes things that we might consider viruses and spyware, and yet it’s not really a complete solution for virus protection, although perhaps it’s close to a solution for anti-spyware.

And yet – those terms just don’t cover or characterize the tool properly.

Hence, it’s an anti-malware tool.

Why I recommend it

What Malwarebytes Anti-malware has a great reputation for is simply this: removing malware that other tools miss.

The nature of the race against malware means that no single anti-virus or anti-spyware tool is going to detect and remove every possible infection. No tool is perfect.

When faced with someone who suspects or has all the indications of their machine being infected with malware of some sort, my instructions almost always boil down to this:

Run an up-to-date anti-virus scan, making sure that both the anti-virus tool and its database are as up-to-date as possible.

Run an up-to-date anti-spyware scan, making sure that both the anti-spyware tool and its database are as up-to-date as possible.

Consider running a scan using the free Malwarebytes Anti-malware tool.

That last line is there simply because experience shows that even up-to-date scans with good anti-virus and anti-spyware tools can still miss things, things that Malwarebytes Anti-malware will sometimes catch.

Running Malwarebytes Anti-malware all the time

Like many anti-spyware and anti-virus products, the PRO version of Malwarebytes Anti-malware can be installed and instructed to run regularly scheduled scans.

There’s absolutely nothing at all wrong with that. Used in addition to a good anti-virus program, it provides an added layer of security. Even though it overlaps in some ways with anti-spyware tools, running it in addition to one of those may also be a reasonable solution. It’s possible (although I have not confirmed) that it’s not unreasonable for MalwareBytes Anti-malware to take the place of an anti-spyware tool.

That’s just not how I use it, and it’s not the scenario that I end up recommending. Nothing against that scenario; it’s just not the way I use Malwarebytes.

Why Malwarebytes Anti-malware isn’t installed on my machine

Put a different way, I consider Malwarebytes Anti-malware a great on-demand solution, and I run it only when I feel I need to.

If I suspect that there is malware of some sort on my machine, then I absolutely grab the latest version of Malwarebytes Anti-malware and scan the heck out of my machine.

I just don’t bother installing it until I run into that situation. Fortunately for me, that doesn’t happen very often.

Unfortunately for others, however, it does, and as a result, Malwarebytes Anti-malware is something I mention to people almost daily.

Leo Who?

I'm Leo Notenboom and I've been playing with computers since I took a required programming class in 1976. I spent over 18 years as a software engineer at Microsoft, and after "retiring" in 2001 I started Ask Leo! in 2003 as a place to help you find answers and become more confident using this amazing technology at our fingertips. More about Leo.

I feel like I should add something to this discussion; MalwareBytes is known by most malware designers, and many malware programs (such as fake AV scanners) will actually block malwarebytes from being installed. There are ways around this, of course. Sometimes it is as simple as renaming the setup file; other times it isn’t.
I highly recommend keeping malwarebytes installed pre-emptively and regularly updated, to ensure there is one less headache when you need to do a removal.

Good plain article Leo. Have run MBAM for 4 years now and it has never found anything. But I do run 4 other “On Demand” and they have not either. I, as you have ob. worked out believe in the “Tiered System” of scanning. But have used MBAM on other comp’s and found it very effective. 2 others I would recommend to most people are SAS and Hitmanpro. Suppose you can never be too careful. If any failure there is always the image backup 🙂

FYI, Malwarebytes Anti-malware just released an update for its free version (1.65.0.1400). I also use Malwarebytes Anti-malware in the same manner as Leo. I use Bitdefender 2011 as my primary AV software, but I still want a second software company to use as an occasional check. Today the updated Malwarebytes Anti-malware found a file it flagged, and Bitdefender had not flagged.

Perfectly explained Leo. I also use Microsoft Security Essential and have SuperAnitSpyware running actively and both MSE and SAS runs a scan every night. Then on weekends I clean my computer and registry with CCleaner and I scan with Malwarebytes Antimalware too. Maybe that is a little overkill but a few times over the years my computer has just about been wiped out by the “bad stuff.”…haha…

Keep up the great work and thanks for being there for us lessers in the computer world.

I’ll second Ben’s point. While Leo won’t need it on his computer because he’s capable of getting it on there if needed, most casual users who come to me and want me to fix their infections are another story. If I work on a client’s (read:friend or family member) computer, I do like Ben suggests and install it as a premptive measure. I also remove any shortcuts to it, including the start menu entry because if I don’t, 6 months from now when they re-discover it they think it’s something bad due to its name being so ridiculous. I do the same with HijackThis.

After recently suffering an attack by Trojan:Win32/FakeSysef, a couple of Exploits and more, I ended up (luckily) at bleepingcomputers.com. One of their associates helped me through the complex procedures of eliminating everything. Near the end, I used Malwarebytes (free) to catch pum.hijack.startmenu and others. I was advised to buy MBAM Pro and run it along side of MS Sec Ess, which I did. Two weeks later I got an email supposedly from my nephew’s wife with a “family message.” Acutally, we have a google family doc so I thought nothing of opening it. Blamo, MBAM immediately popped up and isolated an attacker…never did “hear” from MSSE. I also was running MSSE when I got the original attack. The bleepingcomputers agent advised me, because I asked about the value of MSSE, that he sees the same attacks from those using McAfee, Norton, etc. In fact, he uses MSSE…plus MBAM Pro. Folks, I saw the evidence with my own eyes. Petaluma, CA

This is sheer heresy, I know, but after years of experience I’ve come to the tentative conclusion that these security products are generally more trouble than they are worth. Most of the time I check suspect files with on-line scans like Jotti before running them and use Comodo Time Machine or Horizon Rollback to return to a previous system state if my computer is compromised. These, unlike System Restore, are generally not affected by malware and offer a pre-boot screen for when a system has become unbootable. The effects of rootkits these days can be so insidious and severe that generally antiviruses neither prevent them nor reverse their damage. ComboFix has generally worked best for me after the event, but the system is still often never quite the same after the attack.

Leo,
I’ve got 13 years in the virus removal business just south of Atlanta, Georgia. You’ve helped me before – and really saved my bacon – for which I’m always so grateful.
Here’s my secret formula for virus removal with pc’s that will, at a minumum, boot up to a desktop.
1. RKill
2. ComboFix
3. MalwareBytes
4. SuperAntiSpyware
5. cCleaner
6. Glary Utilities – only an old version 2.41 or older
7. Defraggler
8. Agent Ransack
9. Revo Uninstaller
10. UNHIDE – it’s also at Bleeping Computer’s web site
11. Microsoft Malicious Software Removal Tool
12. Microsoft Security Essentials – every word of Leo’s comments about MSE are valid.
All except Glary Utilities are no better than the last time they were downloaded and updated. These software tools change and improve as do the viral threats we all face. They change almost by the minute.
Leo, you’ve avoided recommending ComboFix just like everybody else – even including it’s author, Lawrence Abrams… who also authors Rkill. I’ve had it bite me one time in all of the five years I’ve used it and we’re talking about thousands of repair jobs. ComboFix is the only reliable tool I have in my tool kit right now for combating ROOT KITS and BOOT KITS. These horrible versions of viruses are the most formidable of all the threats we face. And most root/boot kit removal tools are, for me anyway, just about as horrible to use. Thank goodness for ComboFix and for all the good work Lawence Abrams and sUbs do, not to mention their world class website at BleepingComputer.
I only put in my two cents worth today because all of you, including Leo, have for some reason, left SuperAntiSpyware out of the more general Malwarebytes discussion.
I would not ever run Malwarebytes without also running SuperAntiSpyware… both immediately after running ComboFix.
Leo, you’ve repeatedly said that no single tool is adequate in this never-ending fight. Please tell your audience that is never more true than with the dual combination MWB and SAS – what one misses the other picks up. You would not DARE return a pc to a customer – not in Atlanta, any way – after only running one or the other. I don’t own any stock in any company or have any affiliation with anything mentioned here today.
And lately, Leo, if there’s time I also run the free on-line scans at eSet and F-Secure, sometimes Bit Defender and/or Trend Micro’s Housecall. I always want a 2nd, 3rd, 4th, or 5th opinion when dealing with computer cancer. You know what I mean.
The FBI says there are upwards of 1,200 new viruses or “viral threats” coming into the Internet every hour. Add to that the email tricks, the downloaded music tricks, the infected USB key a friend brings over to your house, on and on and on. The threats are constantly changing. The tools I use to TRY to stay up with these changing threats change too. So if you talk to me 5 years from now I’ll probably be recommending a completely different soup of tools that have evolved along the way. But for now, this is what the Soup Nazi recommends if you love your computer and your information.
And update update update every day. Except for Glary Utilities none of these tools and scanners are any better than the last time they were updated. The problem with recent versions of Glary are for another day and another discussion.

Considering the proliferation of malware and its increasing sophistication I’m surprised no one has mentioned Microsoft’s own EMET program. Should be considered a front line defense against 0 day attacks.

This is what Microsoft says about it. “The Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited. EMET achieves this by using security mitigation technologies. These technologies function as special protections and obstacles that an exploit author must defeat to exploit software vulnerabilities. These security mitigation technologies do not guarantee that vulnerabilities cannot be exploited. However, they work to make exploitation as difficult to perform as possible. In many instances, a fully-functional exploit that can bypass EMET may never be developed.”

to Bill Trail
I stopped using super anti spyware, because it only seems to find cookies, which I always delete before I turn off the machine. I have Glary utilities installed and have no problems. I often use combofix and never had any problems, except when I forgot I set the machine to CHKDSK /F. on the next boot. Just select last known configuration in one of the loops and start over. Bob Rankin also does not mention combofix. it is safe and I am not know why it is not mentioned on either site.

Your advice to grab/install Malwarebytes (MWB) when malware is suspected on a machine can be problematic if the malware prevents access to the Internet in general or specifically anti-malware or AV sites. I’ve run across that a number of times over the years. Sometimes it’s a matter of removing a proxy set up by the malware; other times that isn’t the problem. Having an updated version of MWB already on the machine avoids that issue. Using the Pro proactive version is even better – blocking the malware from getting on the machine in the first place.

I’ve been running Malwarebytes for the last two years as part of my regular weekly PC cleanup. I update it every time. In those two years, it has never found or deleted anything – the report at the end of the run is always “No items found”. Not that I’m complaining… but I find it hard to believe that my computer is totally free from malware, spyware or whatever, so perhaps I’m missing something?

Depends on what you do with your computer, but even though I’ve never had a malware infection, I still run anti-malware tools that continue to tell me I’m not infected. Best to be safe for that one slip-up you hope never happens.

I purchase,what was thought to be a anti virus CD. upon opening the package,it contain an activation code only no CD. Why are some antivirus companies downloading,rather than give customers the CD they paid for? I’m curious about this change? 12/4/2015 1915hrs Friday

I would not ever run Malwarebytes without also running SuperAntiSpyware… both immediately after running ComboFix.
Leo, you’ve repeatedly said that no single tool is adequate in this never-ending fight. Please tell your audience that is never more true than with the dual combination MWB and SAS – what one misses the other picks up. You would not DARE return a pc to a customer – not in Atlanta, any way – after only running one or the other. http://softwareswin.com/malwarebytes-anti-malware-premium-2-2-0-1024/

I was using Kaspersky on my PC and Macs and now, using Malwarebytes as well. It doesn’t matter where malware comes from. It is really incredible with super fastest speed and security results. Great performance, thanks Malwarebytes. So i’ll also recommend you that link… {link removed}

Maware antimalware tools is the worst one on market. It should work on moving malware out.
For specal situations you “have” ability to decide what should be removed.
Special for pup programs. BUT you can write what you want to move and what not, but this program delete everything.
Please remove this possibility for customer to decide, because program anyway works what it wants.
I’m really fedup with looking all the time what this program does.

I use my Computer for getting the news and watching online sport….I have no TV etc so my two computers are my only friends.. …My problem is over the last 12 months the internet with its popup porn adds has rendered the web sites that one used to get sport on useless …its not a question of using blocking programs as the site sees that one is using a blocker and therefore blocks you itself…..
I see no future in this… But who is putting the adds on cause it seems some company in my own country is doing it….I just do not understand it….

Thanks for your so prompt (same day service) response, Leo. It is much appreciated. However, as far as the program Malwarebytes is concerned, it is the same old story. I did install from the URL provided, it did say free download. During the installation, it did ask me whether it is a Personal/Work computer. It was my personal computer but in the end I ended up with the same Premium trial valid for 14 days. It is really ironic and tricky.

I just went through the process myself. Yes, what you get is a 14 day trial, but after that you need do nothing, and it becomes the completely free version.

Leave a reply:

Before commenting please:

Read the article.

Comment on the article.

No personal information.

No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.